course_2
no way to compare when less than two revisions
Différences
Ci-dessous, les différences entre deux révisions de la page.
— | course_2 [2010/01/17 09:58] (Version actuelle) – créée tigli | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | ====== Course 2 : Formal Methods for Middleware verification ====== | ||
+ | |||
+ | There are currently two families of formal methods. These two approaches are complementary. | ||
+ | |||
+ | ===== Proof-based verification ===== | ||
+ | |||
+ | Example : such as B or Z | ||
+ | |||
+ | In proof-based methods, the model is described by | ||
+ | means of axioms, properties are theorems to be verified using a theorem prover. | ||
+ | |||
+ | Proof-based techniques allow the analysis of infinite systems. However, the use of a theorem prover is a very difficult | ||
+ | |||
+ | === References === | ||
+ | * Abrial, J., “Z: an introduction to formal methods,” Cambridge University Press, 1995. | ||
+ | * Diller, A., “The B-book,” John Willey & SONS, 1994. | ||
+ | |||
+ | |||
+ | ===== Model-checking ===== | ||
+ | |||
+ | |||
+ | Example : such as Spin or Lustre. | ||
+ | |||
+ | In model checking, the model is expressed using a language from which an exhaustive | ||
+ | execution can be computed (this usually requires a mathematically based | ||
+ | definition). An “execution engine” produces the exhaustive state space associated | ||
+ | to the system as a graph where actions (atomic instructions in the language) relate | ||
+ | to states (a given possible value of the system’s context). It is then possible to | ||
+ | explore the graph to check if a property is satisfied. | ||
+ | |||
+ | |||
+ | Model checking is dedicated to finite-state systems but modeling and verification can be done using graphical toolkits and most steps can be automated | ||
+ | |||
+ | === References | ||
+ | |||
+ | * Halbwachs, N., A tutorial of Lustre (1993). | ||
+ | |||
+ | ===== Verification Techniques ===== | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ===== Lustre ===== | ||
+ | |||
+ | Software : [[http:// | ||
+ | |||
+ | Lustre/ | ||
+ | |||
+ | This distribution is experimental. | ||
+ | |||
+ | It requires a recent, fully installed version of the cygwin system for Windows (gcc, g++, tcl/tk etc). | ||
+ | |||
+ | Within a cygwin shell, extract the archive (typically in / | ||
+ | |||
+ | export LUSTRE_INSTALL=/ | ||
+ | export PATH=$LUSTRE_INSTALL/ | ||
+ | export MANPATH=$MANPATH: | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | ===== NuSMV ===== | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | |||
+ | NuSMV is a software tool for the formal verification of finite state systems. It has been developed jointly by ITC-IRST and by Carnegie Mellon University. | ||
+ | |||
+ | NuSMV allows to check finite state systems against specifications in the temporal logic CTL. The input language of NuSMV is designed to allow the description of finite state systems that range from completely synchronous to completely asynchronous. The NuSMV language (like the language of SMV) provides for modular hierarchical descriptions and for the definition of reusable components. The basic purpose of the NuSMV language is to describe (using expressions in propositional calculus) the transition relation of a finite Kripke structure. This provides a great deal of flexibility, | ||
+ | |||
+ | |||
+ | ===== References ===== | ||
+ | |||
+ | * On the Formal Verification of Middleware Behavioral Properties, Jérôme Huguesa, Thomas Vergnauda, Laurent Pauteta, Yann Thierry-Miega, | ||
+ | |||
+ | |||
course_2.txt · Dernière modification : 2010/01/17 09:58 de tigli